[cisco-voip] Resolving Sectigo root expiration affecting MRA
Derek Andrew
Derek.Andrew at usask.ca
Wed Jun 3 10:20:01 EDT 2020
If you had previously installed the certs on CUCM CUP CUC and CER as we
did, they would also have expired.
On Wed, Jun 3, 2020 at 7:34 AM Anthony Holloway <
avholloway+cisco-voip at gmail.com> wrote:
> CAUTION: This email originated from outside of the University of
> Saskatchewan. Do not click links or open attachments unless you recognize
> the sender and know the content is safe. If in doubt, please forward
> suspicious emails to phishing at usask.ca
>
> Hunter,
>
> I might be exposing a gap in my knowledge here, but why did you need these
> certs on CUCM?
>
> Cisco has now published a troubleshooting guide for this issue, and the
> article does not mention modifying CUCM cert store.
>
>
> https://www.cisco.com/c/en/us/support/docs/unified-communications/expressway/215561-troubleshooting-expressway-mra-login-and.html
>
> On Sat, May 30, 2020 at 7:02 PM Hunter Fuller <hf0002 at uah.edu> wrote:
>
>> All,
>>
>> If you use certs whose trust is derived from the Sectigo root that
>> expired today, and your MRA isn’t working, I’ll try to save you a call to
>> TAC.
>>
>> Do all of these things:
>>
>> - Load the new intermediates and root into callmanager-trust and
>> tomcat-trust on all your UCMs
>> - restart tomcat, tftp, and callmanager on those boxes
>> - load the new intermediates and root into the CA trust store on all
>> expressways
>> - reboot the Expressway-Es
>>
>> If you need more detail or help, let me know, we just got off the phone
>> with TAC. Hope it helps.
>>
>> --
>>
>> --
>> Hunter Fuller (they)
>> Router Jockey
>> VBH Annex B-5
>> +1 256 824 5331
>>
>> Office of Information Technology
>> The University of Alabama in Huntsville
>> Network Engineering
>> _______________________________________________
>> cisco-voip mailing list
>> cisco-voip at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-voip
>>
>
--
Copyright 2020 Derek Andrew (excluding quotations)
+1 306 966 4808
Communication and Network Services
Information and Communications Technology
*University of Saskatchewan*Peterson 120; 54 Innovation Boulevard
Saskatoon,Saskatchewan,Canada. S7N 2V3
Timezone GMT-6
Typed but not read.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20200603/8c6a7876/attachment.htm>
More information about the cisco-voip
mailing list